package com.jk.shiro;

import java.util.ArrayList;
import java.util.List;

import javax.annotation.Resource;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import com.jk.pojo.Admin;
import com.jk.pojo.Permission;
import com.jk.service.AdminService;
import com.jk.service.PermissionService;

public class AuthenticationRealm extends AuthorizingRealm {

	@Resource
	private AdminService adminService;
	
	@Resource
	private PermissionService permissionService;
	
	/**
	 * 认证  校验用户身份是否合法
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(
			AuthenticationToken token) throws AuthenticationException {
		
		String username = (String) token.getPrincipal();
		Admin admin = new Admin();
		admin.setUsername(username);
		admin.setLocked(null);
		
		Admin record = adminService.queryOne(admin);
		
		if(record == null){
			throw new UnknownAccountException();// 没找到帐号
		}
		if (Boolean.TRUE.equals(record.getLocked())) {
			throw new LockedAccountException(); // 帐号锁定
		}
		SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
				record, record.getPassword(), getName());
		return authenticationInfo;
	}
	
	/**
	 * 授权  查询当前用户具有哪些资源访问权限并进行资源授权
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCols) {
		Admin admin = (Admin) principalCols.getPrimaryPrincipal();
		List<Permission> permissionList = permissionService.queryPermissionByUser(admin.getId());
		
		//单独定一个集合对象 
		List<String> permissions = new ArrayList<String>();
		if(permissionList!=null){
			for(Permission permission:permissionList){
				//将数据库中的权限标签 符放入集合
				permissions.add(permission.getPercode());
			}
		}
		
		//查到权限数据，返回授权信息(要包括 上边的permissions)
		SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
		//将上边查询到授权信息填充到simpleAuthorizationInfo对象中
		simpleAuthorizationInfo.addStringPermissions(permissions);
		return simpleAuthorizationInfo;
	}
	
	
	@Override
    public void clearCachedAuthorizationInfo(PrincipalCollection principals) {
        super.clearCachedAuthorizationInfo(principals);
    }

    @Override
    public void clearCachedAuthenticationInfo(PrincipalCollection principals) {
        super.clearCachedAuthenticationInfo(principals);
    }

    @Override
    public void clearCache(PrincipalCollection principals) {
        super.clearCache(principals);
    }

    public void clearAllCachedAuthorizationInfo() {
        getAuthorizationCache().clear();
    }

    public void clearAllCachedAuthenticationInfo() {
        getAuthenticationCache().clear();
    }

    public void clearAllCache() {
        clearAllCachedAuthenticationInfo();
        clearAllCachedAuthorizationInfo();
    }
    
//  //清除缓存
//  	public void clearCached() {
//  		PrincipalCollection principals = SecurityUtils.getSubject().getPrincipals();
//  		super.clearCache(principals);
//  	}

}
